package org.theSeed.singleSecurity.handler;

import org.aopalliance.intercept.MethodInvocation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler;
import org.springframework.security.access.expression.method.MethodSecurityExpressionOperations;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Component;
import org.w3c.dom.html.HTMLHeadElement;

/**
 * 核心鉴权处理器
 */
@Component
public class SeedDefaultMethodSecurityExpressionHandler extends DefaultMethodSecurityExpressionHandler{
    /**
     * 核心颗粒鉴权实现
     */
    @Autowired
    private PermissionEvaluator permissionEvaluator;

    @Override
    protected MethodSecurityExpressionOperations createSecurityExpressionRoot(Authentication authentication, MethodInvocation invocation) {
        SeedSecurityExpressionRoot root = new SeedSecurityExpressionRoot(authentication);
        root.setTrustResolver(getTrustResolver());
        root.setPermissionEvaluator(permissionEvaluator);
        root.setRoleHierarchy(getRoleHierarchy());
        return root;
    }
}
